Expertise

Cloud Native Engineer

My expertise

11 years of designing, deploying and operating Kubernetes & OpenShift platforms in production — from banking to energy.

KubernetesOpenShiftHashiCorp VaultTerraformGitOpsPrometheus / Grafana

Technical domains: Kubernetes & OpenShift, Infrastructure as Code, secrets management (HashiCorp Vault / OpenBao), monitoring (Prometheus / Grafana / Alertmanager), logging (EFK / Loki).

Expertise 1 — Kubernetes & OpenShift

7 years of operational experience on the Kubernetes / OpenShift ecosystem — from initial architecture to production operations.

Skills

  • Cluster architecture & design — High availability, multi-tenant, bare metal, VMware, cloud
  • OpenShift 3.x → 4.x migrations — 50+ applications migrated at National Bank of Canada
  • Hardening & security — ETCD encryption, certificate rotation, RBAC, Network Policies, RHACM, RHACS
  • Monitoring & observability — Prometheus, Grafana, Alertmanager — custom dashboards and alerts
  • Backup & restore — OADP / Velero for workloads, PV/PVC; ETCD backup to S3
  • Toolingoc, kubectl, helm, ArgoCD, custom Operators

Expertise 2 — Infrastructure as Code (Terraform & Ansible)

Terraform Associate certified (2024). Full lifecycle infrastructure automation — reproducible, versioned, deterministic deployments.

Skills

  • Terraform — Reusable modules, refactoring, multi-provider (AWS, GCP, VMware vSphere, VMware Cloud Director)
  • Ansible — Configuration playbooks, OpenShift post-install, cluster lifecycle on Flatcar Linux / Fedora CoreOS
  • GitOps — ArgoCD for continuous deployment, declarative sync
  • CI/CD — Jenkins and Tekton pipelines for containerised applications
  • Measured results — −60% OpenShift deployment time, −80% manual errors

Expertise 3 — Secrets Management (HashiCorp Vault & OpenBao)

Production-grade HA secrets management, natively integrated with Kubernetes clusters.

Skills

  • HashiCorp Vault — HA on Kubernetes, integrated SSL, Raft backend, automated S3 backup
  • OpenBao — Open source alternative, HA Kubernetes deployment
  • Internal PKI — Public key infrastructure, automated certificate rotation
  • Kubernetes integration — Vault Agent Injector, CSI driver, ServiceAccount auth
  • Observability — Vault-dedicated Grafana dashboards — performance metrics + alerts
Scroll to Top